Aster DM Healthcare Limited and its subsidiaries (referred to as “we”, us”, “Aster”) is the author and publisher of the internet resource www.asterhospitals.in, www.astermedcity. com, www.asterbangalore.com/aster-cmi-hebbal, www.asterbangalore.com/aster-rv-jp-nagar www.asterprime. com/, asteraadhar.com/ www.astermims.com, www.astermimskannur.com, www.astermimskottakkal.com, rameshhospitals. com, www.asterwayanad.com and www.asterlabs.in its sub domain’s (together referred to as “Websites”) on the world wide web as well as other software and applications provided by Aster, including but not limited to the mobile applications (referred to as “App”, and together with Websites referred to as “Services”). Aster provides the Services in partnership with its agents, affiliates, associates, representatives or other third parties (together referred to as “Partners”)
This privacy policy ("Privacy Policy") explains how we collect, use, share and protect personal information about the Users of the Services (jointly and severally referred to as “you” or “User” or “Users” in this Privacy Policy). We created this Privacy Policy to demonstrate our commitment to the protection of your privacy and your personal information. Your use of and access to the Services is subject to this Privacy Policy and our Terms of Use. Any capitalized term used but not defined in this Privacy Policy shall have the meaning attributed to it in our Terms of Use.
BY CONFIRMING THAT YOU ARE BOUND BY THIS PRIVACY POLICY (BY THE MEANS PROVIDED ON THIS WEBSITE OR APP), BY USING THE SERVICES OR BY OTHERWISE GIVING US YOUR INFORMATION, YOU AGREE TO THE PRACTICES AND POLICIES OUTLINED IN THIS PRIVACY POLICY AND YOU HEREBY CONSENT TO OUR COLLECTION, USE AND SHARING OF YOUR INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY. WE RESERVE THE RIGHT TO CHANGE, MODIFY, ADD OR DELETE PORTIONS OF THE TERMS OF THIS PRIVACY POLICY, AT OUR SOLE DISCRETION, AT ANY TIME. IF YOU DO NOT AGREE WITH THIS PRIVACY POLICY AT ANY TIME, DO NOT USE ANY OF THE SERVICES OR GIVE US ANY OF YOUR INFORMATION. IF YOU USE THE SERVICES ON BEHALF OF SOMEONE ELSE (SUCH AS YOUR CHILD) OR AN ENTITY, YOU REPRESENT THAT YOU ARE AUTHORISED BY SUCH INDIVIDUAL OR ENTITY TO ACCEPT THIS PRIVACY POLICY ON SUCH INDIVIDUAL’S OR ENTITY’S BEHALF.
Why this Privacy Policy?
This Privacy Policy is published in compliance with, inter alia: Section 43A of the Information Technology Act, 2000;
- Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (the “SPI Rules”); and
- Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
This Privacy Policy states the following:
- The type of information collected from the Users, including sensitive personal data or information;
- The purpose, means and modes of usage of such information; and
- How and to whom we will disclose such information.
Collection of Personal Information
Generally, some of the Services require us to know who you are so that we can best meet your needs. When you access the Services, we may ask you to voluntarily provide us with certain information that personally identifies you or could be used to personally identify you. Without prejudice to the generality of the above, information collected by us from you may include (but is not limited to) the following:
- Contact data (such as your email address and phone number);
- Demographic data (such as your gender, your date of birth and your pin code);
- Data regarding your usage of the services and history of the appointments and other transactions made by or with you through the use of Services;
- Health or medical data (such as your past medical history and conditions, diagnostic reports, prescriptions and medication history)
- Insurance data (such as your insurance carrier and insurance plan); and
- Other information that you voluntarily choose to provide to us (such as information shared by you with us through emails or letters, your work details, your family details)
The information collected from you by Aster may constitute ‘personal information’ or ‘sensitive personal data or information’ under the SPI Rules. Personal information is defined under the SPI Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
The SPI Rules further define “sensitive personal data or information” of a person to
mean personal information about that person relating to:
- passwords
- financial information such as bank accounts, credit and debit card details or other payment instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- biometric information;
- information received by body corporate under lawful contract or otherwise;
- visitor details as provided at the time of registration or thereafter; and
- Call data records
Information that is freely available in the public domain or accessible under the Right to Information Act, 2005 or any other law will not be regarded as personal information or sensitive personal data or information.
Privacy Statements
- A condition of each User’s use of and access to the Services is their acceptance of the Terms of Use, which also involves acceptance of the terms of this Privacy Policy. Any User that does not agree with any provisions of the same has the option to discontinue the Services provided by Aster immediately.
- All the information provided to us by a User, including sensitive personal information, is voluntary. You understand that Aster, either itself or with its Partners, may use certain information of yours, which has been designated as ‘sensitive personal data or information’ under the SPI Rules, (a) for the purpose of providing you the Services, (b) for commercial purposes and in an aggregated or non- personally identifiable form for research, statistical analysis and business intelligence purposes, for (c) for sale or transfer of such research, statistical or intelligence data in an aggregated or non-personally identifiable form to our Partners. Aster also reserves the right to use information provided by or about the User for the following purposes:
- Contacting Users for offering new products or services.
- Contacting Users for taking product and Service feedback.
Analyzing software usage patterns for improving product design and utility.
- Analyzing anonymized information for commercial use.
You hereby consent to such use of such information by Aster and our Partner.
- Collection of information which has been designated as ‘sensitive personal data or information’ under the SPI Rules requires your express consent. By affirming your assent to this Privacy Policy, you provide your consent to such collection as required under applicable law. Our Services may be unavailable to you in the event such consent is not given.
- Users’ personally identifiable information, which they choose to provide on the Website or App is used to help the Users describe/identify themselves. Other information that does not personally identify the Users as an individual, is collected by Aster or our Partners from Users (such as, patterns of utilization described above) and is exclusively owned by Aster or its partners. We or our Partners may also use such information in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, and may sell or otherwise transfer such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties. In particular, we and our Partners reserve with us the right to use anonymized User demographics information and anonymized User health information for the following purposes:
Analyzing software usage patterns for improving product design and utility.
Analyzing such information for research and development of new technologies.
- Using analysis of such information in other commercial product offerings of Aster or our Partners.
- Sharing analysis of such information with third parties for commercial use.
- You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of account registration. If your personal information changes, you may correct, delete inaccuracies, or amend information by making the change on your profile information page on the Websites or App or by contacting us at askaster@asterdmhealthcare.com We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If you provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or Aster has reasonable grounds to suspect that the information provided by you is untrue, inaccurate, out of date or incomplete, Aster may, at its sole discretion, discontinue the provision of the Services to you.
- If you wish to cancel your account or request that we no longer use your information to provide you services, contact us through askaster@asterdmhealthcare.com. We will retain your information for as long as your account with the Services is active and as needed to provide you the Services. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period of time, your data may be anonymized and aggregated, and then may be held by us or our Partners as long as necessary for us to provide our Services effectively or improve the Services, but our use of the anonymized data will be solely for analytic purposes.
- Aster may require the User to pay with a credit card, debit card, net banking or other online payment mechanisms for Services for which an amount(s) is/are payable. Aster will collect such User’s credit card number and/or other financial institution information such as bank account numbers and will use that information for the billing and payment processes including but not limited to the use and disclosure of such credit card number and information to third parties as necessary to complete such billing operation. Verification of credit information, however, is accomplished solely by the User through the authentication process offered by a third-party payment gateway. User’s credit-card/debit card details are transacted upon secure sites of approved payment gateways which are digitally under encryption, thereby providing the highest possible degree of care as per current technology. User is advised, however, that internet technology is not full proof safe and User should exercise discretion on using the same.
- Due to the communications standards on the Internet, when a User or anyone who visits the Website, we automatically receive the URL of the site from which anyone visits. We also receive the Internet Protocol (IP) address of each User’s computer (or the proxy server a User used to access the World Wide Web),
User’s computer/ device operating system and type of web browser the User is using, email patterns, as well as the name of User’s ISP. This information is used to analyze overall trends to help Aster improve its Service. The linkage between User’s IP address and User’s personally identifiable information may be available to us or our Partners but is not shared with other third parties. Notwithstanding the above, we may share some of the aggregate findings (not the specific data) in anonymized form (i.e., non-personally identifiable) with advertisers, sponsors, investors, strategic partners, and others in order to help grow our business.
- The Website may use cookies to store certain data (that is not sensitive personal data or information) that is used by us and our partners for the technical administration of the Website, App, research and development, and for User administration. In the course of serving advertisements or optimizing services to its Users, Aster may allow authorized third parties to place or recognize a unique cookie on the User’s browser. The cookies however, do not store any personal information of the User.
- In order to have access to all the features and benefits on our Website or App, a User must first create an account on our Website or App. To create an account, a User is required to provide the following information, which such User recognizes and expressly acknowledges is personal information allowing others, including Aster, to identify the User: name, User ID, email address, address, date of birth, gender, phone number and password chosen by the User. Other optional information may be requested on the registration page. We may, in future, include other optional requests for information from the User to help us to customize the Services to deliver personalized information to the User. However, we assume your consent in relation to various matters, once you complete the registration process.
- This Privacy Policy applies to Websites, App and Services that are owned and operated by Aster. We do not exercise control over the sites that may be displayed as search results or links from within the Services. These other sites may place their own cookies or other files on the Users’ computer, collect data or solicit personal information from the Users, for which Aster is not responsible or liable. Accordingly, Aster does not make any representations concerning the privacy practices or policies of such third parties or terms of use of such websites, nor does Aster guarantee the accuracy, integrity, or quality of the information, data, text, software, sound, photographs, graphics, videos, messages or other materials available on such websites. The inclusion or exclusion of such other sites does not imply any endorsement by Aster of the website, the website's provider, or the information on the website. If you decide to visit a third-party website linked to the Aster Website, you do this entirely at your own risk. Aster encourages the User to read the privacy policies of that website.
- The Services may enable a User to communicate with other Users or to post information to be accessed by others, whereupon other Users may collect such data. Aster hereby expressly disclaims any liability for any reliance or misuse
of such information that is made available by Users or visitors in such a manner.
- Aster may periodically ask users to complete surveys asking about their experiences with features of the Websites, App and Services. Our surveys may ask visitors for demographic information such as age, gender, and education. We use survey information for evaluation and quality improvement purposes, including helping Aster to improve information and services offered. In addition, users giving feedback may be individually contacted for follow-up due to concerns raised during the course of such evaluation. Demographic information and Web log data may be stored for future evaluation and quality improvement activities.
- Comments or questions sent to us using email or secure messaging forms will be shared with our employees and health care professionals who are most able to address the comment or question. We will archive your messages once we have made our best effort to provide you with a complete and satisfactory response. Some of our services such as our automated appointment selection and prescription refill for Aster generated prescriptions interact directly with other Aster data systems. Data about your transaction may be stored in these systems, and available to people who test and support these systems. When you use a service on the Websites or the App to interact directly with Aster health care professionals, some information you provide may be documented in your medical record, and available for use to guide your treatment as a patient.
- Our Websites and the App may include social media Features, such as the Facebook button. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Your interactions with these Features are governed by the privacy statement of the company providing them.
- If you are using the Websites or App, with your permission, we will use the geo-location feature of your mobile device or same or similar feature of the device you are using to access the Websites. When you download and use the App, we automatically collect information on the type of device you use, operating system version, and the device identifier. Aster and our Partners do not share your location information with other any third party. You may opt out of location-based services on your mobile phone by changing the relevant/ applicable setting at your device level.
- Aster does not collect information about the visitors of the Website from other sources, such as public records or bodies, or private organisations, save and except for the purposes of registration of the Users (the collection, storage and disclosure of which each User must agree to under the terms of use in order for Aster to effectively render the Services).
- Aster has implemented best standard industry practices and security policies, rules and technical measures to protect the personal data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. However, for any data loss or theft due to unauthorized access to the User’s electronic devices
through which the User avails the Services, Aster or its Partners shall not be held liable for any loss whatsoever incurred by the User.
- Aster ensures it and its partners implement reasonable security practices and procedures that are commensurate with respect to the information being collected and the nature of Aster’s business. The reasonable security practices and procedures implemented by us include but are not limited to: encrypting data when it is on the move using industry standard practices, regularly changing production keys and password, secure access to all production servers, performing regular security updates on our servers and more.
- Aster takes your right to privacy very seriously and other than as specifically stated in this privacy Policy, will only disclose your personal information in the event it is required to do so by law, rule, regulation, law enforcement agency, governmental official, legal authority or similar requirements or when Aster, in its sole discretion, deems it necessary in order to protect its rights or the rights of others, to prevent harm to persons or property, to fight fraud and credit risk, or to enforce or apply the Terms of Use.
- Aster may also disclose or transfer End-Users’ personal and other information a User provides, to a third party as part of reorganization or a sale of the assets of a Aster division or company. Any third party to which Aster transfers or sells its assets to will have the right to continue to use the personal and other information that Users provide to us, in accordance with the Terms of Use.
- To the extent necessary to provide Users with the Services, Aster may provide their personal information to third party contractors who work on behalf of or with Aster to provide Users with such Services, to help Aster communicate with Users or to maintain the Website or App. Generally these contractors do not have any independent right to share this information, however certain contractors who provide services on the Website, including the providers of online communications services, will have rights to use and disclose the personal information collected in connection with the provision of these Services in accordance with their own privacy policies.